Hedgedoc
- Style frontpage
Configuration
/etc/webapps/hedgedoc/config.json
{
"production": {
"sessionSecret": "laPah7ohSheeroo4yep5shi7ioghie",
"email": false,
"domain": "archtest.lxd",
"loglevel": "debug",
"protocolUseSSL": true,
"allowAnonymous": false,
"hsts": {
"enable": true,
"maxAgeSeconds": 31536000,
"includeSubdomains": true,
"preload": true
},
"csp": {
"enable": true,
"directives": {
},
"upgradeInsecureRequests": "true",
"addDefaults": true,
"addDisqus": false,
"addGoogleAnalytics": false
},
"cookiePolicy": "lax",
"db": {
"dialect": "sqlite",
"storage": "/var/lib/hedgedoc/db.hedgedoc.sqlite"
},
"linkifyHeaderStyle": "gfm"
}
}
/etc/webapps/hedgedoc/sequelizerc
var path = require('path');
module.exports = {
'config': path.resolve('config.json'),
'migrations-path': path.resolve('lib', 'migrations'),
'models-path': path.resolve('lib', 'models'),
'url': 'sqlite:///var/lib/hedgedoc/db.hedgedoc.sqlite'
}
Nginx
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
Keycloak
systemctl hedgedoc service override
CMD_OAUTH2_USER_PROFILE_URL=https://archkeycloak.lxd/auth/realms/archlinux/protocol/openid-connect/userinfo
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=preferred_username
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=name
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
CMD_OAUTH2_TOKEN_URL=https://archkeycloak.lxd/auth/realms/archlinux/protocol/openid-connect/token
CMD_OAUTH2_AUTHORIZATION_URL=https://archkeycloak.lxd/auth/realms/archlinux/protocol/openid-connect/auth
CMD_OAUTH2_CLIENT_ID=hedgedoc
CMD_OAUTH2_CLIENT_SECRET=23829d32-e820-4d03-8c5d-7a6b996daec0
CMD_OAUTH2_PROVIDERNAME=Keycloak
CMD_DOMAIN=archtest.lxd
CMD_PROTOCOL_USESSL=true
CMD_URL_ADDPORT=false